Skip to main content

Privacy Policy

Last updated: April 23, 2026

1. Who We Are

TAKE INTEREST Inc. ("TAKE INTEREST," "we," "our," or "us") operates the products and services described below. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our products and services, including the Take Interest workspace, GuardClaw security platform, and our website at takeinterest.ai (collectively, the "Services").

2. Information We Collect

2.1 Information You Provide

Account Information: When you create an account, we collect your email address and authentication credentials. Authentication may use Firebase Authentication (Google Identity Platform) or equivalent managed identity services. Multi-factor authentication may be required for specific environments.

User-Generated Content: Content you create within our Services, including decision drafts, strategies, evidence notes, frameworks, and other workspace content. We treat all user-generated content as highly sensitive and private.

Contact Information: When you contact us via our contact form, we collect your name, email address, subject, and message content. The form uses Cloudflare Turnstile for bot verification, which may process your IP address and browser signals to validate the challenge. See Section 6 for details.

2.2 Information Collected Automatically

GuardClaw Telemetry (opt-out): The GuardClaw CLI collects anonymous telemetry by default, including decision counts, threat scores, timing data, platform, and version. No prompts, commands, file paths, or PII are included. You can disable telemetry at any time with guardclaw telemetry disable.

Dashboard Analytics: We use Mixpanel for anonymous product analytics on the GuardClaw dashboard. IP tracking is disabled. No PII is collected through Mixpanel.

Error Diagnostics: We use Sentry for error reporting with heavy redaction. Default PII sending is disabled. Trace sampling is set to zero. Only crash diagnostics necessary for product stability are collected.

Server Logs: Standard server access logs are collected for security and operational purposes. These logs do not contain user-generated content.

GuardClaw Agent Data: When agent management features are enabled, we collect agent identifiers, hostname, operating system, software version, heartbeat timestamps, CPU and memory usage metrics, runtime duration, anomaly scores, and agent control event logs (including actor IP addresses for audit purposes).

2.3 How We Do Not Use Your Information

We do not use advertising cookies or third-party ad networks. We do not sell, rent, or share your personal information with advertisers. Mixpanel product analytics and Sentry error monitoring run on app.takeinterest.ai — both are disclosed above (§2.2), IP tracking is disabled on Mixpanel, and paid-tier users have these analytics disabled entirely.

2.4 Model Training — What We Do Not Do

We do not use your User Content, decision drafts, strategies, or any user-generated material to train machine learning models. This applies to our own models and to any third-party models (including Claude, Gemini, and the embedding models used by the Services). We set the user_data_not_for_training flag on provider API calls where the provider supports it, and we maintain a policy-level commitment for providers where the flag is not exposed. De-identified, aggregated usage signals (e.g., anonymous feature counts) may be used to improve the Services themselves; those aggregates do not include User Content and are never sent to a model for training. This commitment is part of our published data philosophy — eight "never do" rules, enforced in code where possible. Contact privacy@takeinterest.ai for the current version of the policy.

3. How We Use Your Information

We use your information to:

Provide, maintain, and improve our Services. Authenticate your identity and enforce access controls. Communicate with you about your account or our Services. Respond to your inquiries and support requests. Detect, prevent, and address security threats and abuse. Improve our systems and train machine learning models (see Section 2.4). Comply with legal obligations.

4. Data Storage and Security

Infrastructure: All data is stored on Google Cloud Platform (GCP) in the United States. Data is encrypted at rest using Google-managed encryption and in transit using TLS 1.2+.

Sensitive Data Encryption: OAuth tokens and other highly sensitive credentials are encrypted using managed cryptographic controls and secure secret storage.

Access Controls: Backend services use dedicated service accounts with least-privilege permissions. User access controls may include allowlisting, MFA requirements, and server-side token verification where applicable.

Edge Protection: Public endpoints use edge protections such as rate limiting and request filtering to reduce abuse risk.

5. Data Retention

Account Data: Retained for the duration of your account. Deleted within 30 days of account deletion request.

User-Generated Content: Retained for the duration of your account. You may export or delete your content at any time.

GuardClaw Audit Data: All decision receipts are stored indefinitely. Access is limited by plan: Free (1,000 most recent receipts per workspace), Pro (100,000), Ultimate (500,000). Usage events are retained for operational purposes.

Server Logs: Retained for up to 90 days for security and operational purposes.

Contact Form Submissions: Retained for up to 180 days or until the inquiry is resolved, whichever comes first. Submissions are automatically deleted after the retention period.

6. Third-Party Services

We use the following third-party services as part of our infrastructure:

Google Cloud Platform: Cloud infrastructure, hosting, and authentication. Subject to Google Cloud's Data Processing Terms.

Firebase: Authentication and web hosting. Subject to Firebase Terms of Service.

Stripe: Payment processing (when enabled). Subject to Stripe's Privacy Policy. We do not store credit card numbers on our servers.

Cloudflare: DNS, edge network, and bot verification (Turnstile) for the contact form. Turnstile processes IP addresses and browser signals to distinguish humans from bots. Subject to Cloudflare's Privacy Policy.

Sentry: Error monitoring with heavily redacted data. No PII is transmitted.

Mixpanel: Anonymous product analytics for the GuardClaw dashboard. IP tracking is disabled. No PII is collected.

We do not share user-generated content with any third-party service for their independent use. For our own model training and system improvement, see Section 2.4.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal information we hold about you.

Correction: Request correction of inaccurate personal information.

Deletion: Request deletion of your personal information and account.

Export: Request an export of your data in a portable format.

Restriction: Request restriction of processing of your personal information.

Objection: Object to processing of your personal information.

To exercise any of these rights, contact us at privacy@takeinterest.ai. We will respond within 30 days.

8. International Data Transfers

Our Services are hosted in the United States. If you access our Services from outside the United States, your information will be transferred to, stored, and processed in the United States. We implement appropriate safeguards for international data transfers in compliance with applicable data protection laws.

9. Children's Privacy

Our Services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information promptly.

10. California Privacy Rights (CCPA)

If you are a California resident, you have the right to: know what personal information we collect, request deletion of your personal information, opt out of the sale of personal information (we do not sell personal information), and not be discriminated against for exercising your privacy rights.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, our legal basis for processing your personal information is: contractual necessity (to provide our Services), legitimate interests (security, fraud prevention, service improvement), consent (where required), and legal obligation (compliance with applicable laws). You have additional rights under GDPR including data portability and the right to lodge a complaint with a supervisory authority.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our Services after the effective date of changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

TAKE INTEREST Inc.
Email: privacy@takeinterest.ai